Claims 

1 1 . A computer-implemented method for computer virus prevention, said 

2 method comprising the steps of: 

3 entering a first computer virus status mode in response to a first computer virus 

4 outbreak report; 

5 generating a first computer virus alert time corresponding to entry into the first 

6 computer virus status mode; 

7 comparing a time stamp of a computer content with the first computer virus alert 

8 time; and 

9 determining the executability of the computer content in response to the result of 
1 0 the comparing step. 

1 2. The method of claim 1, wherein the step of generating the first virus alert 

2 time comprises the steps of: 

3 entering a first access control time based on the first virus outbreak report; and 

4 converting the first access control time into the first virus alert time. 

1 3. The method of claim 2, wherein the first access control time is a relative 

2 time stamp. 

1 4. The method of claim 2, wherein the first access control time is a pre- 

2 determined time period for access control under the first computer virus status mode. 

1 5. The method of claim 1, further comprising the step of: 

2 determining the presence of a value representing the computer content in a memory 

3 table of executable computer content. 
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1 6. The method of claim 5, wherein the computer content is not executed when 

2 the value representing the computer content is not present in the memory table of 

3 executable computer content. 

1 7. The method of claim 5, wherein the value is a hash value of the computer 

2 content. 

1 8. The method of claim 1 , wherein the computer content is executed only 

2 when the computer content is time stamped prior to the first computer virus alert time. 

1 9. The method of claim 1, further comprising the steps of: 

2 entering types of computer codes that should be blocked from execution in response 

3 to the first computer virus outbreak report; and 

4 blocking execution of a computer code that belongs to the entered types of 

5 computer codes. 

1 10. The method of claim 1, further comprising the steps of: 

2 generating a second virus alert time in response to a second computer virus 

3 outbreak report; 

4 comparing the time stamp of the computer content with the second computer virus 

5 alert time; 

6 performing anti-virus processing upon the computer content; and 

7 determining the executability of the computer content in response to the result of 

8 comparing the time stamp of the computer content with the second 

9 computer virus alert time. 

1 11. The method of claim 1 , wherein the computer content is attached to an E- 

2 mail body, and said method further comprises the steps of: 
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3 removing the computer content from the E-mail body; and 

4 denying execution of the computer content. 

1 12. A computer access control system for computer virus prevention, said 

2 system comprising: 

3 an access control console, for entering a first computer virus status mode and for 

4 generating a virus access control time; and 

5 an anti-virus module, coupled to the access control console, configured to generate 

6 a virus alert time based on the virus access control time and to compare a 

7 time stamp of a target computer content with the virus alert time prior to 

8 execution of the target computer content. 

1 13. The system of claim 12, wherein the target computer content is one of a 

2 plurality of computer contents, and the anti- virus module further comprises: 

3 a memory module for storing time stamps of the plurality of computer contents; and 

4 an access control module, coupled to the access control console and to the memory 

5 module, for generating the virus alert time and for comparing the time 

6 stamp of each target computer content with the virus alert time. 

1 14. The system of claim 13, wherein the anti-virus module further comprises: 

2 a computer virus processing module, coupled to the access control module, for 

3 further processing a target computer content in order to determine the 

4 executability of the target computer content. 

1 15. The system of claim 13, wherein the memory module stores a value 

2 representing each of the computer contents. 
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1 16. The system of claim 15, wherein the access control module is configured to 

2 determine the presence of the value in the memory module as representing a target 

3 computer content. 

1 17. The system of claim 1 5, wherein the value is a hash value. 

1 18. An anti-virus module, comprising: 

2 a memory module for storing time stamps of computer contents; and 

3 an access control module, coupled to the memory module, for comparing the time 

4 stamp of a computer content with a computer virus alert time to determine 

5 the executability of the computer content. 

1 19. The anti-virus module of claim 18, further comprising: 

2 a computer virus processing module, coupled to the access control module, for 

3 further processing the computer content. 

1 20. A computer-implemented method for computer virus prevention, said 

2 method comprising the steps of: 

3 creating a list of time-stamped executable computer contents; 

4 entering a virus alert mode in response to a virus outbreak report; 

5 responsive to the virus alert mode, entering an access control message for 

6 specifying an access control rule for blocking the execution of suspicious or 

7 susceptible computer contents that are time-stamped not before a virus alert 

8 time, the access control message including a first control parameter for 

9 generating the virus alert time; 

1 0 receiving a request to execute a target computer content; and 




38 



20423/05957/DOCS/l 167370.4 



»;> :r"!i »7"-«j-,3i jj . v . v n-'.i »v it~h -vjj .h'-tj ..?r-:» -■-<: 

...a, 7'...*/ ""tr u;;w ~xr ^ ;ct .« r?L..» 31.7;;; ~;if* ;&.jf ...if,, 



1 1 determining the executability of the target computer content based on the access 

12 control rule in the access control message. 

1 21. The method of claim 20, wherein the step of creating a list of time-stamped 

2 executable computer contents, comprises: 

3 applying anti-virus operation upon each executable computer content; 

4 storing a hash value of each executable computer contents in the list; and 

5 inserting a time stamp corresponding to the moment of storing the hash value of the 

6 executable computer content. 

1 22. The method of claim 20, wherein the step of determining the executability 

2 of the target computer content comprises the steps of: 

3 receiving the access control message; 

4 converting the first control parameter into the virus alert time; 

5 comparing the time stamp of the target computer content in the list with the virus 

6 alert time; and 

7 determining the executability of the target computer content based on the result of 

8 the comparing step. 

1 23 . The method of claim 22, further comprising the step of: 

2 applying an anti-virus operation upon the target computer content. 

1 24. The method of claim 20, wherein the control message comprises: 

2 a second control parameter for specifying types of computer contents that should be 

3 subject to the access control rule; 

4 a third control parameter for specifying an expiration time for the access control 

5 rule; and 
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6 a fourth control parameter for identifying the access control message. 

1 25. The method of claim 24, further comprising the step of: 

2 determining validity of the access control message based on the third control 

3 parameter. 

1 26. The method of claim 24, further comprising the step of: 

2 determining executability of the target computer content based on the second 

3 control parameter. 

1 27. A computer-implemented method for computer virus prevention, said 

2 method comprising the steps of: 

3 creating a list of time-stamped executable computer contents; 

4 entering a virus alert mode in response to a virus outbreak report; 

5 responsive to the virus alert mode, entering an access control message for 

6 specifying an access control rule for blocking data communication initiated 

7 by computer contents that are time-stamped not before a virus alert time, the 

8 access control message including a first control parameter for generating the 

9 virus alert time; 

10 receiving a request to examine a target computer content that participates in the 

1 1 data communication; and 

12 determining whether the data communication should be blocked based on the 

13 access control rule. 

1 28. The method of claim 27, wherein the step of determining whether the data 

2 communication should be blocked comprises the steps of: 

3 receiving the access control message; 
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4 converting the first control parameter into the virus alert time; 

5 comparing the time stamp of the target computer content in the list with the virus 

6 alert time; and 

7 determining whether the data communication should be blocked based on the 

8 comparing step. 

1 29. The method of claim 28, wherein the data communication is blocked when 

2 the target computer content is time-stamped not before the virus alert time. 

1 30. A computer access control system for computer virus prevention, 

2 comprising: 

3 a firewall module monitoring data communications initiated by a target computer 

4 content and sending a request to examine the data communications; 

5 an access control console, for generating an access control message specifying an 

6 access control rule for blocking data communications of the target computer 

7 contents that are time-stamped not before a virus alert time, the access 

8 control message including a first control parameter for generating the virus 

9 alert time; and 

10 an access control module, coupled to the access control console and the firewall 

1 1 module, configured to receive the access control message and a request 

12 from the firewall module, and to generate the virus alert time based on the 

13 virus access control time and to determine whether the data communication 

14 should be blocked based on the access control rule. 
1 3 1 . A computer program product comprising: 
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2 a computer usable medium having computer readable code embodied therein for 

3 computer access control for computer virus prevention, the computer program product 

4 comprising: 

5 a computer readable program code device configured to receive a computer virus 

6 status mode in response to a computer virus outbreak report; 

7 a computer readable program code device configured to generate a computer virus 

8 alert time corresponding to entry into the computer virus status mode; 

9 a computer readable program code device configured to compare a time stamp of a 

1 0 computer content with the computer virus alert time; and 

1 1 a computer readable program code device configured to determine executability of 

12 the computer content in response to the result of comparing the time stamp 

1 3 of the computer content with the computer virus alert time. 

1 32. A computer access control system for computer virus prevention, said 

2 system comprising: 

3 means for entering a computer virus status mode and for generating a virus access 

4 control time; and 

5 coupled to the entering and generating means, means for calculating a virus alert 

6 time based on the virus access control time; and 

7 coupled to the calculating virus alert time means, means for comparing a time 

8 stamp of a target computer content with the virus alert time prior to 

9 execution of the computer content. 

1 33. A computer access control system for computer virus prevention, said 

2 system comprising: 
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means for storing time-stamped executable computer contents; 
a firewall means for monitoring data communications occurring to the executable 
computer contents; 

means for entering a computer virus status mode and for generating a virus access 
control time; 

coupled to the entering and generating means, means for calculating a virus alert 
time based on the virus access control time; and 

coupled to the calculating virus alert time means and the storing means and the 
firewall means, means for comparing a time stamp of an executable 
computer content with the virus alert time to determine whether the data 
communication occurring to the executable computer content should be 
blocked . 
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